Changeset 58851 in webkit for trunk/JavaScriptCore/wtf/text/AtomicString.cpp

Timestamp:

May 5, 2010, 6:08:53 PM (15 years ago)

Author:

[email protected]

Message:

Bug 38604 - workers-gc2 crashing on Qt

Reviewed by Darin Adler.

This appears to be due to a couple of issues.
(1) When the atomic string table is deleted it does not clear the 'inTable' bit
on AtomicStrings - it implicitly assumes that all AtomicStrings have already
been deleted at this point (otherwise they will crash in their destructor when
they try to remove themselves from the atomic string table).
(2) We don't fix the ordering in which WTF::WTFThreadData and
WebCore::ThreadGlobalData are destructed.

We should make sure that ThreadGlobalData is cleaned up before worker threads
terminate and WTF::WTFThreadData is destroyed, and we should clear the inTable
bit of members on atomic string table destruction.

JavaScriptCore:

WTF changes (fix issue 1, above) - ensure inTable property is cleared when the
atomic string table is destroyed (also, rename InTable to IsAtomic, to make it
clear which table we are refering to!)

• wtf/text/AtomicString.cpp:

(WebCore::AtomicStringTable::destroy):
(WebCore::CStringTranslator::translate):
(WebCore::UCharBufferTranslator::translate):
(WebCore::HashAndCharactersTranslator::translate):
(WebCore::AtomicString::add):

• wtf/text/StringImpl.cpp:

(WebCore::StringImpl::~StringImpl):

• wtf/text/StringImpl.h:

(WebCore::StringImpl::isAtomic):
(WebCore::StringImpl::setIsAtomic):

• wtf/text/StringImplBase.h:

WebCore:

WTF changes (fix issue 2, above) - clean up the thread data on worker termination.

• platform/ThreadGlobalData.cpp:

(WebCore::ThreadGlobalData::~ThreadGlobalData):
(WebCore::ThreadGlobalData::destroy):

• platform/ThreadGlobalData.h:
• workers/WorkerThread.cpp:

(WebCore::WorkerThread::workerThread):

File:

• trunk/JavaScriptCore/wtf/text/AtomicString.cpp (modified) (6 diffs)

trunk/JavaScriptCore/wtf/text/AtomicString.cpp

@@ -56 +56 @@
     static void destroy(AtomicStringTable* table)
     {
+        HashSet<StringImpl*>::iterator end = table->m_table.end();
+        for (HashSet<StringImpl*>::iterator iter = table->m_table.begin(); iter != end; ++iter)
+            (*iter)->setIsAtomic(false);
         delete table;
     }
@@ -93 +96 @@
         location = StringImpl::create(c).releaseRef(); 
         location->setHash(hash);
-        location->setInTable();
+        location->setIsAtomic(true);
     }
 };
@@ -172 +175 @@
         location = StringImpl::create(buf.s, buf.length).releaseRef(); 
         location->setHash(hash);
-        location->setInTable();
+        location->setIsAtomic(true);
     }
 };
@@ -198 +201 @@
         location = StringImpl::create(buffer.characters, buffer.length).releaseRef();
         location->setHash(hash);
-        location->setInTable();
+        location->setIsAtomic(true);
     }
 };
@@ -255 +258 @@
 PassRefPtr<StringImpl> AtomicString::add(StringImpl* r)
 {
-    if (!r || r->inTable())
+    if (!r || r->isAtomic())
         return r;
 
@@ -263 +266 @@
     StringImpl* result = *stringTable().add(r).first;
     if (result == r)
-        r->setInTable();
+        r->setIsAtomic(true);
     return result;
 }